General
-
Target
bf2165a4bdafb0945c8b370758e6d0b9ab145147e7ddab448a01b3b25c2ad8a7.exe
-
Size
2.0MB
-
Sample
241102-jzc7xayrax
-
MD5
b51e761b009c658073fd0dc66c8f808f
-
SHA1
8dd8a45980efcae93eec634987396a0a6a3e62e9
-
SHA256
bf2165a4bdafb0945c8b370758e6d0b9ab145147e7ddab448a01b3b25c2ad8a7
-
SHA512
5566a09c50e5d05435a1edb1a7cefdc375e6f656acc69250ffb1a2a051f1a807eb41abc11a1bc489695a4ab80b11150c8f8d8a9867291ac4a33155397a260367
-
SSDEEP
49152:VIfd6RO0EkHbG+Ww6NbHHBp7k5hhelN6YawnqLKwgVR9:VI1P/wYt5ShAiYawbwW
Static task
static1
Behavioral task
behavioral1
Sample
bf2165a4bdafb0945c8b370758e6d0b9ab145147e7ddab448a01b3b25c2ad8a7.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
bf2165a4bdafb0945c8b370758e6d0b9ab145147e7ddab448a01b3b25c2ad8a7.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
bf2165a4bdafb0945c8b370758e6d0b9ab145147e7ddab448a01b3b25c2ad8a7.exe
-
Size
2.0MB
-
MD5
b51e761b009c658073fd0dc66c8f808f
-
SHA1
8dd8a45980efcae93eec634987396a0a6a3e62e9
-
SHA256
bf2165a4bdafb0945c8b370758e6d0b9ab145147e7ddab448a01b3b25c2ad8a7
-
SHA512
5566a09c50e5d05435a1edb1a7cefdc375e6f656acc69250ffb1a2a051f1a807eb41abc11a1bc489695a4ab80b11150c8f8d8a9867291ac4a33155397a260367
-
SSDEEP
49152:VIfd6RO0EkHbG+Ww6NbHHBp7k5hhelN6YawnqLKwgVR9:VI1P/wYt5ShAiYawbwW
Score10/10-
NetSupport
NetSupport is a remote access tool sold as a legitimate system administration software.
-
Netsupport family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-